chore(ci): Bump the actions-version-updates group with 3 updates

[dependabot]

Bumps the actions-version-updates group with 3 updates: googleapis/release-please-action, softprops/action-gh-release and slackapi/slack-github-action.

Updates googleapis/release-please-action from 4 to 5

Release notes

Sourced from googleapis/release-please-action's releases.

v5.0.0

5.0.0 (2026-04-22)

⚠ BREAKING CHANGES

• upgrade to node24 (#1188)

Features

• upgrade to node24 (#1188) (46dfc01)

Bug Fixes

• bump release-please from 17.3.0 to 17.6.0 (#1199) (f533c26)

v4.4.1

4.4.1 (2026-02-20)

Bug Fixes

• bump release-please from 17.1.3 to 17.3.0 (#1183) (ef9c274)

v4.4.0

4.4.0 (2025-10-09)

Features

• add ability to select versioning-strategy and release-as (#1121) (ee0f5ba)

Bug Fixes

• changelog-host parameter ignored when using manifest configuration (#1151) (535c413)
• bump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (#1149) (3612a99)
• bump release-please from 17.1.2 to 17.1.3 (#1158) (66fbfe9)

v4.3.0

4.3.0 (2025-08-20)

Features

• deps: update release-please to 17.1.2 (f07192c)

v4.2.0

4.2.0 (2025-03-07)

... (truncated)

Changelog

Sourced from googleapis/release-please-action's changelog.

4.1.1 (2024-05-14)

Bug Fixes

• bump release-please from 16.10.0 to 16.10.2 (#969) (aa764e0)
• bump the npm_and_yarn group with 1 update (#967) (ce529d4)

4.1.0 (2024-03-11)

Features

• add changelog-host input to action.yml (#948) (863b06f)

4.0.3 (2024-03-11)

Bug Fixes

• bump release-please from 16.5.0 to 16.10.0 (#953) (d7e88e0)

4.0.2 (2023-12-18)

Bug Fixes

• bump release-please from 16.4.0 to 16.5.0 (#905) (df71963)
• log release-please version (#910) (2a496d1), closes #325

4.0.1 (2023-12-07)

Bug Fixes

• bump release-please from 16.3.1 to 16.4.0 (#897) (2463dad)

4.0.0 (2023-12-01)

⚠ BREAKING CHANGES

• remove most configuration options in favor of manifest configuration to configure the release-please-action
• rewrite in typescript
• remove command option in favor of setting release-type and skip-github-release/skip-github-pull-request
• run on node20
• deps: upgrade release-please to v16
• v4 release

Features

... (truncated)

Commits

• 45996ed chore(main): release 5.0.0 (#1200)
• a8121b9 chore: build dist (#1201)
• f533c26 fix: bump release-please from 17.3.0 to 17.6.0 (#1199)
• 46dfc01 feat!: upgrade to node24 (#1188)
• See full diff in compare view

Updates softprops/action-gh-release from 2 to 3

Release notes

Sourced from softprops/action-gh-release's releases.

v3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

• Move the action runtime and bundle target to Node 24
• Update @types/node to the Node 24 line and allow future Dependabot updates
• Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

v2.6.2

What's Changed

Other Changes 🔄

• chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in softprops/action-gh-release#775
• chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @​dependabot[bot] in softprops/action-gh-release#777
• chore(deps): bump vite from 8.0.0 to 8.0.5 by @​dependabot[bot] in softprops/action-gh-release#781

Full Changelog: softprops/action-gh-release@v2...v2.6.2

v2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

• fix: preserve discussion category on publish by @​chenrui333 in softprops/action-gh-release#765

v2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

0.1.13

• fix issue with multiple runs concatenating release bodies #145

Commits

• b430933 release: cut v3.0.0 for Node 24 upgrade (#670)
• c2e35e0 chore(deps): bump the npm group across 1 directory with 7 updates (#783)
• See full diff in compare view

Updates slackapi/slack-github-action from 1 to 3

Release notes

Sourced from slackapi/slack-github-action's releases.

Slack GitHub Action v3.0.0

The @v3.0.0 release had a hiccup on publish and we recommend using @​v3.0.1 or a more recent version when updating! Oops!

🎽 Running Slack CLI commands and the active Node runtime, both included in this release 👟 ✨

⚠️ Breaking change: Node.js 24 the runtime

This major version updates the GitHub Actions required runtime to Node.js 24. Most GitHub-hosted runners already include this, but self-hosted runners may need to be updated ahead of planned deprecations of Node 20 on GitHub Actions runners.

📺 Enhancement: Run Slack CLI commands

This release introduces a new technique for running Slack CLI commands directly in GitHub Actions workflows. Use this to install the latest version (or a specific one) of the CLI and execute commands like deploy for merges to main, manifest validate with tests, and other commands.

Gather a token using the following CLI command to store with repo secrets, then get started with an example below:

$ slack auth token

🧪 Validate an app manifest on pull requests

Check that your app manifest is valid before merging changes:

🔗 https://docs.slack.dev/tools/slack-github-action/sending-techniques/running-slack-cli-commands/validate-a-manifest

- name: Validate the manifest
  uses: slackapi/slack-github-action/cli@v3.0.0
  with:
    command: "manifest validate --app ${{ vars.SLACK_APP_ID }}"
    token: ${{ secrets.SLACK_SERVICE_TOKEN }}

🚀 Deploy your app on push to main

Automate deployments whenever changes land on your main branch:

🔗 https://docs.slack.dev/tools/slack-github-action/sending-techniques/running-slack-cli-commands/deploy-an-app

- name: Deploy the app
  uses: slackapi/slack-github-action/cli@v3.0.0
  with:
    command: "deploy --app ${{ vars.SLACK_APP_ID }} --force"
    token: ${{ secrets.SLACK_SERVICE_TOKEN }}

Any Slack CLI command can be passed through the command option without the "slack" prefix 🍀

The token input accepts a service token for authentication. You can gather this token by running slack auth token with the Slack CLI and storing the value as a repository secret.

... (truncated)

Commits

• af78098 Release
• add1a00 chore(release): tag version 3.0.1 (#577)
• 2bc9e7a chore: use a unique title for marketplace (#576)
• c5d43da chore(release): tag version 3.0.0 (#575)
• 963b979 build(deps): bump @​slack/web-api from 7.14.1 to 7.15.0 (#574)
• 90b7328 build(deps): bump @​slack/logger from 4.0.0 to 4.0.1 (#573)
• e45cb89 feat: support slack cli commands with composite action inputs (#560)
• 0aed2c2 build(deps): bump https-proxy-agent from 7.0.6 to 8.0.0 (#572)
• 4795f96 build(deps-dev): bump sinon from 21.0.1 to 21.0.2 (#571)
• bd9e2ce build(deps): bump actions/setup-node from 6.2.0 to 6.3.0 (#569)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.